Re: ✘"Sudo? Sudon't!" and "Saving U-blox Configuration"

[Gary E. Miller]

Yo Joshua!

You are correct:  I have nothing more on sudo.

On Tue, 19 Jan 2021 17:10:31 -0500
Joshua Judson Rosen <rozzin@hackerposse.com> wrote:

> On 1/19/21 1:08 PM, Gary E. Miller wrote:
> > Yo Joshua!
> > 
> > On Tue, 19 Jan 2021 12:17:11 -0500
> > Joshua Judson Rosen <rozzin@hackerposse.com> wrote:
> >   
> >> On 1/18/21 1:23 PM, Gary E. Miller wrote:  
> >>> If you wish to ignore my sage advice, feel free to run insecure
> >>> systems.
> >>>
> >>> But this list is for discussion of gpsd.  Not sudo.  
> >>
> >> Then why are you so insistent on discussing the general security
> >> issues of sudo and whether people should use it at all, instead of
> >> just describing what the actual issue is with _specifically as
> >> applied to gpsd_?  
> > 
> > Because I hate wasting my time on dead ends.   
> [...]
> > The text clearly says that sudo breaks ubxtool examples.  What more
> > do you need to know to not use sudo with ubxtool examples?  
> 
> Good question--I thought that's what Bernd was saying in his initial
> response on Friday, though he didn't phrase it as a question.
> I would answer "nothing more". If that's all you want to say, why not
> have your doc _just say that_?
> 
> You are the only one insisting that the users need to also be briefed
> in general security issues related to sudo and AFAICT unrelated to
> gpsd or ubxtool.
> 
> If you want to just drop that discussion and reduce the text to
> something like:
> 
>       Do not run ubxtool with sudo!
> 
>       For some reason some users persist in using sudo with
> ubxtool. This is wrong:
> 
>           While ubxtool will run fine if root runs it, ubxtool
> never needs root access!
> 
>           Using sudo with some of these examples will break
> them--do not use sudo to run ubxtool.
> 
> ... then everyone will likely stop giving you the feedback you
> requested on the phrasing of those now-eliminated sudo/security
> advisories.
> 
> > I thought this was vey clear:
> > 
> > https://gpsd.io/ubxtool-examples.html
> > 
> >      ubxtool never needs root access, but will run fine as root.  
> 
> I thought that statement was reasonably clear and complete as well
> (though it could be slightly cleaned by rephrasing as I described
> above). Especially if you just *stopped there* instead of rambling on
> about what are AFAICT unrelated general sysadmin/security issues
> (especially since you then explicitly stated "Please let us keep the
> discussion to the specifics at hand: running ubxtool under sudo.
> general sysadmin issues should be discussed elsehere [sic?].")
> 
> > Howcum everyone wants to discuss this ad nauseum,  
> 
> I'm sorry, but you've lost me. I'd like to offer constructive
> criticism of your `implementation' (the text expressing your idea,
> whatever it is) without having to join the fight over the idea
> itself--since I thought you had asked for such feedback. But I can't
> figure out what the point of this conversation is anymore.
> 
> AFAICT you're the one who keeps steering the conversation
> back to "sudo security issues" etc. at all. Bernd and I have both
> suggested just dropping that line of conversation entirely at this
> point.
> 
> Nobody else does want to talk about it, AFAICT.
> 
> The constant vacillation (to the point where I agreed with you
> and you immediately shot back "I disagree") makes it look like you
> are fighting with yourself.
> 
> I don't even understand what you're trying to accomplish at this
> point, or what you're even seeking feedback on. I am thoroughly
> confused.
> 
> Some of the responses I'm getting from you just make no sense to me--
> it's almost like you've lost track of whether you're responding
> to me or to Bernd.
> 




RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
        gem@rellim.com  Tel:+1 541 382 8588

            Veritas liberabit vos. -- Quid est veritas?
    "If you can't measure it, you can't improve it." - Lord Kelvin

pgpMiShmSZCpq.pgp
Description: OpenPGP digital signature